Back
Business Academy

How to avoid mobile app security scares

Share on Facebook Share on Twitter Share on Linkedin Share via OneNote Share via Email Print

Workplace mobility has freed employees from their desks. Effective collaboration is no longer dependent on whether coworkers are in the same room, building or even country as their colleagues. The mobile devices, apps and policies that enable mobility have created a new generation of workers. But as the electronic net widens, organizations face increased security risks.

Security breaches are not to be taken lightly. What seems like a small security issue can cost your company big. According to the Ponemon Institute (via IBM) the average total cost of a single data breach is $3.79 million. Make sure you’re taking the necessary steps to protect your organization.

Manage BYOD and minimize Shadow IT

As more employees seek mobility in the workplace, bring-your-own-device (BYOD) policies are becoming commonplace. According to the Aberdeen Group (via SearchSecurity), 77 percent of enterprise respondents have launched mobility initiatives in response to pressure from executives seeking increased productivity. But unauthorized app usage might open the door to cybersecurity threats.

According to SearchSecurity, “The BYOD trend means employees use their personal smartphones and tablets to work from anywhere, and many of them download mobile apps to do so.” Unfortunately, these apps may or may not keep your data secure, creating Shadow IT—the use of apps within an organization without the approval (or even knowledge) of corporate IT—can make organizations vulnerable to threats. Despite proactive organizations’ IT policies outlining BYOD best practices, employee adherence is not guaranteed.

To best protect your information, monitor your network for threats, create a BYOD policy, provide a list of apps that are approved for employee use and continually communicate with and educate employees on the importance of safe mobile strategies.

Invest in mobile app security

In a perfect world, developers are aware of the potential implications of how their applications access data and interact with other apps, and they design them to be secure by default. Unfortunately, in the real world, developers and software companies devote millions of dollars to mobile application development but focus little money on security. Because mobile apps are typically created with very little security oversight, vulnerabilities can open the door to severe threats. According to an IBM report by the Ponemon Institute (via TechTarget), $34 million on average is spent on mobile app development, but only 6 percent of this is for security.

Ensure that the apps your employees use to access company data and information is developed with security in-mind, and avoid finding out the hard way—when a data breach has already happened.

Know where to watch for vulnerabilities and threats

According to Microsoft’s 2016 Trends in Cybersecurity, 44.2 percent of all disclosed vulnerabilities are found in applications other than web browsers and operating system applications (mainly mobile apps).

“Many security teams focus their efforts on patching operating systems and web browsers. But vulnerabilities in those two types of software usually account for a minority of the publicly disclosed vulnerabilities. The majority of vulnerabilities are in applications,” the e-book states. “Security teams need to spend appropriate time on assessing and patching these vulnerabilities. Otherwise, they could be missing the bulk of vulnerabilities in their environments.”

In addition to application-based threats, there are a wide variety of places where a lack of mobile security leaves you vulnerable. From these application-based threats (like malware and spyware), to web-based threats (such as phishing, drive-by downloads and browser exploits), to network threats (from network exploits and Wi-Fi sniffing), to physical threats (when devices are lost or stolen).

True mobile security looks at the big picture and continually monitors your network for threats. Broaden your security approach to include these vulnerable entry points.

Put mobile security first

Mobile access is no longer limited to remote workers and frequent travelers—having access to company information from mobile devices is the standard in today’s workforce. Despite its many benefits, BYOD culture has opened businesses up to additional cyber threats that can’t be ignored. To successfully maintain top-notch security, implement proactive security measures to ensure minimal threats to your business. Consider a solution designed to deliver the enterprise-grade security you require to access the cloud with confidence. When you make mobile security a priority at your organization, you can stop breaches at the source.

Related content

Top